shared/capabilities: simplify assertions about bits
The assert added in 7d328b5446
was wrong. Also update the comments
and make sure we don't try to shift by type size.
This commit is contained in:
parent
6295ba8c3d
commit
2c9fc26670
|
@ -275,10 +275,10 @@ int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities) {
|
|||
if (keep_capabilities & (1ULL << i))
|
||||
bits[j++] = i;
|
||||
|
||||
/* don't keep too many bits */
|
||||
assert((keep_capabilities & (~1ULL << i)) == 0);
|
||||
/* don't throw away too many bits */
|
||||
assert(((keep_capabilities >> i) & (~1ULL >> i)) == 0);
|
||||
/* use enough bits */
|
||||
assert(i == 64 || (keep_capabilities >> i) == 0);
|
||||
/* don't use too many bits */
|
||||
assert(keep_capabilities & (1ULL << (i - 1)));
|
||||
|
||||
if (cap_set_flag(d, CAP_EFFECTIVE, j, bits, CAP_SET) < 0 ||
|
||||
cap_set_flag(d, CAP_PERMITTED, j, bits, CAP_SET) < 0) {
|
||||
|
|
Loading…
Reference in a new issue